<?php
	session_start();
	if(!isset($_SESSION["jara_admin"])) {
		header("Location: ../login.php");
		exit;
	}
	require_once("../include/templating_fns.php");
	require_once("../include/db_fns.php");
	require_once("../include/auth_fns.php");
	jara_page_start("Change My Password - Administrator CP");
	if(isset($_POST["change_action"])) {
		try {
			$password = $_POST["password"];
			$confirm_password = $_POST["confirm_password"];
			$old_password = $_POST["old_password"];
			if($password != $confirm_password) {
				echo "<p>You entered your confirmation password incorrectly.<br /><a href=\"change_password.php\">Try again</a></p>";
				jara_page_end();
				exit;
			}
			if(!jara_user_authenticate($_SESSION["jara_admin"], $old_password)) {
				echo "<p>You entered your old password incorrectly.<br /><a href=\"change_password.php\">Try again</a></p>";
				jara_page_end();
				exit;
			}
			$result = jara_db_query("update jara_users set password = SHA1('".$_POST["password"]."')");
			if($result == 0) {
				throw new JaraGeneralException("No information has been changed in the database.");
			}
			else {
				echo "<p>Your password has been changed to $password.</p>";
				jara_page_end();
				exit;
			}
		}
		catch(JaraDatabaseException $ex) {
?>
	<p>
		A database error occured during the process of creating this page.
	</p>
	<p>
		Error type: <?php echo (($ex->getSqlStage() == 1) ? "MySQL connection error" : "MySQL query error"); ?><br />
		Error message: &quot;<?php echo $ex->getSqlMsg(); ?>&quot; [code <?php echo $ex->getSqlCode(); ?>]
	</p>
<?php
			jara_page_end();
		}
		catch(JaraGeneralException $ex) {
?>
	<p>
		A general error occured during the process of creating this page.
	</p>
	<p>
		Error message: &quot;<?php echo $ex->getMessage(); ?>&quot;
	</p>
<?php
			jara_page_end();
		}
		exit;
	}
?>
<form action="change_password.php" method="post">
<h3>Change my password</h3>
<p>
<input type="hidden" name="change_action" id="change_action" value="save" />
Old Password: <input type="password" name="old_password" id="old_password" /><br />
New Password: <input type="password" name="password" id="password" /><br />
Confirm New Password: <input type="password" name="confirm_password" id="confirm_password" /><br />
<input type="submit" value="Change" />
</p>
</form>
<?php
	jara_page_end();
?>